58 lines
1.3 KiB
Nix
58 lines
1.3 KiB
Nix
|
{ config, pkgs, ... }:
|
||
|
|
||
|
let
|
||
|
mount-vault = pkgs.writeTextFile {
|
||
|
name = "mount-vault";
|
||
|
executable = true;
|
||
|
destination = "/bin/mount-vault";
|
||
|
text = ''
|
||
|
#!/usr/bin/env bash
|
||
|
|
||
|
set -e
|
||
|
set -o pipefail
|
||
|
|
||
|
VERACRYPT="veracrypt"
|
||
|
if [[ "$OSTYPE" == "darwin"* ]]; then
|
||
|
VERACRYPT="/Applications/VeraCrypt.app/Contents/MacOS/VeraCrypt"
|
||
|
fi
|
||
|
|
||
|
MOUNT_TARGET=$2
|
||
|
if [[ -z "$MOUNT_TARGET" ]]; then
|
||
|
MOUNT_TARGET=$HOME/.vault
|
||
|
fi
|
||
|
|
||
|
sudo chown $USER "$MOUNT_TARGET"
|
||
|
mkdir -p "$MOUNT_TARGET"
|
||
|
|
||
|
MOUNT_SOURCE=$1
|
||
|
if [[ -z "$MOUNT_SOURCE" ]]; then
|
||
|
MOUNT_SOURCE="$HOME/vaults/vault.vera"
|
||
|
fi
|
||
|
|
||
|
chmod a+x "$MOUNT_SOURCE"
|
||
|
|
||
|
if [[ -z "$VAULT_PASSWORD" ]]; then
|
||
|
echo "interactive mount"
|
||
|
$VERACRYPT -t --mount "$MOUNT_SOURCE" "$MOUNT_TARGET"
|
||
|
else
|
||
|
echo "non-interactive mount of '$MOUNT_SOURCE' to '$MOUNT_TARGET'"
|
||
|
sudo $VERACRYPT -t --non-interactive -p $VAULT_PASSWORD --mount "$MOUNT_SOURCE" "$MOUNT_TARGET"
|
||
|
fi
|
||
|
echo "mounted"
|
||
|
sudo chown $USER "$MOUNT_TARGET"
|
||
|
echo "chowned"
|
||
|
|
||
|
echo "$MOUNT_SOURCE -> $MOUNT_TARGET"
|
||
|
|
||
|
if [[ -z $NO_INSTALL_VAULT ]]; then
|
||
|
"$MOUNT_TARGET/install"
|
||
|
fi
|
||
|
'';
|
||
|
};
|
||
|
|
||
|
in
|
||
|
{
|
||
|
|
||
|
home.packages = with pkgs; [ mount-vault ];
|
||
|
}
|